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AMENDMENTS TO THE CLAIMS: 



This listing of claims replaces all prior versions and listings of claims in the 



application: 



LISTING OF CLAIMS : 

1 . (Currently Amended) A method comprising: 

receiving, from a delegator, a designation of a role and a delegate to assume the role; 
receiving, from a credential service provider, an indication that the designation is valid; and- 
issuing generating a delegation credential in response to receiving the indication , wh e r e in 

th e d e l e gation cr e d e ntial includ e s encod e d d e legation information; 
receiving a request from the delegate for access to a service; 
providing the delegation credential in response to the request; and 
sending the delegation credential to a verification service that compares the selected 

delegation credential to permissible delegation credentials for the delegate. 



2. (Cancelled) 



3. (Currently Amended) The method of claim 1, wherein the delegation credential allows 
the delegate to access the service assum e th e rol e. 



Applicants 
Serial No. 
Filed 
Page 



Ernie F. Brickell et al. 
09/998,549 
November 28, 2001 
3 of 15 



Attorney's Docket No. : 1 0559-50500 1 
Intel Docket No.: P8790X 



4. (Currently Amended) The method of claim 1 , further comprising: 

issuing a confirmation to the delegator which indicates that the delegation credential was 
generated issued. 

5. (Original) The method of claim 1, wherein the delegator can delegate multiple 
functions, the role comprising one of the multiple functions. 

6. (Currently Amended) The method of claim 1, wherein the delegation credential is 
issued to,, and stored by 4 at least one of the delegate and a credential service provider. 

7. (Currently Amended) The method of claim 6, wherein the credential service provider 
receives a digital the delegation credential from the delegate and an access requirement for access 
to the service from a relying party and determines if the digital delegation credential is valid for the 
access requirement. 

8. (Currently Amended) The method of claim 7, wherein the credential service provider 
determines if there is a pre-existing delegation credential that corresponds to the access 
requirement and provides the delegation credential that corresponds to the access requirement to 
the delegate. 
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9. (Original) The method of claim 8, wherein multiple delegation credentials correspond 
to the access requirement and the credential service provider provides the multiple delegation 
credentials to the delegate. 

1 0. (Currently Amended) The method of claim 9, wherein the delegate selects the 
delegation credential from among which of the multiple delegation credentials to use for the access 
requirement and the credential service provider provides a s e lect e d the delegation credential to the 
relying party. 

1 1 . (Currently Amended) A method comprising: 
receiving a request from a delegate for access to a service; 
obtaining delegation credentials for the delegate; 

determining which of the delegation credentials correspond to an access r e quir e m e nto 
requirement for the service; and 

providin g, to the delegate, the delegation credentials that correspond to the access 
requirement r e quir e m e nts ; and 

sending a selected delegation credential to a verification service that compares the selected 
delegation credential to permissible delegation credentials for the delegate . 



12. (Cancelled) 
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13. (Currently Amended) The method of claim 1 1 , further comprising: 
receiving, from the delegate, a an indication corresponding to the selected on e of th e 

delegation credential cr e d e ntials that corr e spond to the acc e ss r e quirements ; and 

using the selected one of th e delegation credential cr e d e ntials to access the service if the 
selected delegation credential comprises a permissible delegation credential for the delegate . 

14. (Currently Amended) The method of claim 13, wherein sending is performed furth e r 
comprising: v e rifying validity of th e s e l e ct e d on e of th e d e legation cr e d e ntials prior to using the 
selected on e of th e delegation credential cr e d e ntials to access the service. 

15. (Currently Amended) The method of claim 13, further comprising: 

receiving a stat e m e nt indicating an indication that the selected delegation credential on e of 
th e digital cred e ntials is valid prior to using the selected on e of th e delegation credential 
cred e ntials to access the service. 

16. (Currently Amended) A method comprising: 

receiving, from a delegate, a value corresponding to a confirmation code and an identifier, 
the confirmation code and the identifier corresponding to a delegato r, the confirmation code being 
generated by a Web site visited by the delegate : 

identifying the delegator using at least one of the identifier and the confirmation code; 

assigning, to the delegate, a delegation credential that corresponds to the delegator; and 
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sending a message to the delegator indicating that the delegation credential has been 



assigned. 



17. (Cancelled) 

18. (Original) The method of claim 16, further comprising: 

storing the delegation credential in a database maintained by a delegation service provider. 

19. (Original) The method of claim 16, wherein identifying comprises checking a hash of 
the confirmation code to identify the delegator. 

20. (Currently Amended) A method comprising: 

receiving, from a delegate, a delegation request for a role of the delegator; 

receiving a value corresponding to a confirmation code from the delegate , the confirmation 
code being generated by a Web site visited by the delegate ; 

receiving, from the delegator, a request for outstanding delegation requests; 

requesting approval from the delegator of an outstanding delegation request from the 
delegate; and 

receiving the confirmation code from the delegator in response to requesting approval. 



21. (Original) The method of claim 20, further comprising: 

confirming the approval of the outstanding delegation request using the confirmation code. 
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22. (Original) The method of claim 21, further comprising: 
receiving a digital credential from the delegator; and 

confirming that the received digital credential matches a digital credential of the delegator. 

23. (Currently Amended) An article comprising a machine-readable medium that stores 
executable instructions that cause a machine to: 

receive, from a delegator, a designation of a role and a delegate to assume the role; 
receive, from a credential service provider, an indication that the designation is valid; aed 
issue generate a delegation credential in response to receiving the indicatio n, wh e r e in th e 

d e l e gation cred e ntial includ e s e ncod e d d e l e gation information^ 

receive a request from the delegate for access to a service; 

provide the delegation credential in response to the request; and 

send the delegation credential to a verification service that compares the selected 

delegation credential to permissible delegation credentials for the delegate. 

24. (Cancelled) 

25. (Currently Amended) The article of claim 23, wherein the delegation credential allows 
the delegate to access the service assum e th e rol e. 
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26. (Currently Amended) The article of claim 23, further comprising instructions that 
cause the machine to: 

issue a confirmation to the delegator which indicates that the delegation credential was 
generated issued. 

27. (Original) The article of claim 23, wherein the delegator can delegate multiple 
functions, the role comprising one of the multiple functions. 

28. (Currently Amended) The article of claim 23, wherein the delegation credential is 
issued tOi and stored by 4 at least one of the delegate and a credential service provider. 

29. (Currently Amended) An article comprising a machine-readable medium that stores 
executable instructions that cause a machine to: 

receive a request from a delegate for access to a service; 
obtain delegation credentials for the delegate; 

determine which of the delegation credentials correspond to an access r e quir e m e nts 
requirement for the service; and 

provide , to the delegate, the delegation credentials that correspond to the access 
r e quir e m e nts requirement; and 

send a selected delegation credential to a verification service that compares the selected 
delegation credential to permissible delegation credentials for the delegate . 
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30. (Cancelled) 

3 1 . (Currently Amended) The article of claim 29, further comprising instructions that 
cause the machine to: 

receive, from the delegate, a s e l e ct e d on e of th e an indication corresponding to the selected 
delegation credential cr e d e ntialo that corr e spond to th e acc e ss r e quir e m e nts ; and 

use the selected on e of th e delegation cr e d e ntials credential to access the service if the 
selected delegation credential comprises a permissible delegation credential for the delegate . 

32. (Currently Amended) The article of claim 31, wherein sending is performed furth e r 
comprising instructions that caus e the machin e to: v e rify validity of th e s e l e ct e d on e of th e 
d e l e gation cr e d e ntials prior to using the selected on e of th e delegation credential cr e d e ntials to 
access the service. 

33. (Currently Amended) The article of claim 31, further comprising instructions that 
cause the machine to: 

receive a statem e nt indicating an indication that the selected delegation credential on e of 
th e digital cred e ntials is valid prior to using the selected one of th e delegation cr e d e ntialo 
credential to access the service. 



34. (Currently Amended) An article comprising a machine-readable medium that stores 
executable instructions that cause a machine to: 
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receive, from a delegate, a value corresponding to a confirmation code and an identifier, the 
confirmation code and the identifier corresponding to a delegato r, the confirmation code being 
generated by a Web site visited by the delegate ; 

identify the delegator using at least one of the identifier and the confirmation code; 

assign, to the delegate, a delegation credential that corresponds to the delegator; and 

send a message to the delegator indicating that the delegation credential has been assigned 

35. (Cancelled) 

36. (Original) The article of claim 34, further comprising instructions that cause the 
machine to: 

store the delegation credential in a database maintained by a delegation service provider. 

37. (Original) The article of claim 34, wherein identifying comprises checking a hash of 
the confirmation code to identify the delegator. 

38. (Currently Amended) An article comprising a machine-readable medium that stores 
executable instructions that cause a machine to: 

receive, from a delegate, a delegation request for a role of the delegator; 
receive a value corresponding to a confirmation code from the delegate , the confirmation 
code being generated by a Web site visited by the delegate ; 

receive, from the delegator, a request for outstanding delegation requests; 
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request approval from the delegator of an outstanding delegation request from the delegate; 

and 

receive the confirmation code from the delegator in response to requesting approval. 

39. (Original) The article of claim 38, further comprising instructions that cause the 
machine to: 

confirm the approval of the outstanding delegation request using the confirmation code. 

40. (Original) The article of claim 39, further comprising instructions that cause the 
machine to: 

receive a digital credential from the delegator; and 

confirm that the received digital credential matches a digital credential of the delegator. 



